[Secure-testing-commits] r2042 - data/CAN

Florian Weimer fw at costa.debian.org
Mon Sep 19 09:07:35 UTC 2005 

Author: fw
Date: 2005-09-19 09:07:31 +0000 (Mon, 19 Sep 2005)
New Revision: 2042

Modified:
   data/CAN/list
Log:
More data from bugs-dist.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-18 13:18:33 UTC (rev 2041)
+++ data/CAN/list	2005-09-19 09:07:31 UTC (rev 2042)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [insecure temporary file handling in arc]
+	- arc (unfixed; bug #329053; low)
+CAN-2005-XXXX [insecure temporary file handling in ncompress]
+	- ncompress (unfixed; bug #329052; low)
 CAN-2005-2917 [DoS vulnerability in squid's NMTL auth code]
 	- squid 2.5.10-6 (unknown)
 CAN-2005-XXXX [user password file created by gajim is world-redable]
@@ -29,7 +33,7 @@
 	NOTE: proactively fixed by the robustness patch
 	- twiki 20040902-2
 CAN-2005-2876 (umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2 allows ...)
-	- util-linux (unfixed; bug #328141; medium)
+	- util-linux (unfixed; bug #328141; bug #329063; medium)
 	- loop-aes-utils 2.12p-9 (bug #328626; medium)
 CAN-2005-2875 (Py2Play allows remote attackers to execute arbitrary Python code via ...)
 	- py2play (unfixed; bug #326976; medium)
@@ -1883,7 +1887,7 @@
 	- pdns 2.9.18-1 (medium; bug #318798)
 CAN-2005-2301 (PowerDNS before 2.9.18, when running with an LDAP backend, does not ...)
 	{DSA-771-1}
-	- pdns 2.9.18-1 (medium; bug #318798
+	- pdns 2.9.18-1 (medium; bug #318798)
 CAN-2005-2300 (Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary ...)
 	NOTE: not-for-us (Skype)
 CAN-2005-2299 (Multiple cross-site scripting (XSS) vulnerabilities in Simple Message ...)
@@ -3043,7 +3047,7 @@
 	- oops (unfixed; bug #318097; medium)
 	- rpm 4.0.4-31.1 (bug #318099; medium)
 	- rageircd 2.0.0-3sid1 (medium)
-	- systemimager-ssh (unfixed; bug #318101; medium)
+	- systemimager-ssh (unfixed; bug #318101; unimportant)
 	- texmacs 1:1.0.5-3 (bug #318100; medium)
 	- zlib 1:1.2.2-7 (medium)
 	NOTE: fixed in experimental in 1:1.0.5.6-1, not yet in sid

More information about the Secure-testing-commits mailing list